Assurance and business continuity
Management assurance framework
QSS have an effective business control environment, reliable information systems and internal controls for managing assurance.
Read the QSS management assurance framework for more information
External assurance
External assurance practices require QSS to documents our finance, human resources and technology:
- services
- transactions
- system control objectives
- controls designed to achieve those objectives.
Read the QSS system description for more information
Business continuity management
QSS have embedded business continuity management practices that align to:
- Information Standard – Information Security (IS18)
- department business continuity and disaster management framework, policy and guidelines
- Business Continuity Institute Good Practice Guidelines 2018.
QSS have a robust business continuity plan and have undertaken scenario planning to ensure they continue delivering critical services in case of business disruption.
They have also confirmed that vendors (including Aurion, SAP, CommBank, ServiceNow and CITEC) have strategies and continuity plans in place.
In the case of business disruption, QSS will prioritise the following activities:
- payroll processing
- vendor payment processing
- critical ICT systems support.
QSS is confident in its ability to continue to deliver essential services during business disruptions.